Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA CAS-005 Exam - Topic 2 Question 13 Discussion

Actual exam question for CompTIA's CAS-005 exam
Question #: 13
Topic #: 2
[All CAS-005 Questions]

A company wants to install a three-tier approach to separate the web. database, and application servers A security administrator must harden the environment which of the following is the best solution?

Show Suggested Answer Hide Answer
Suggested Answer: C

The best solution to harden a three-tier environment (web, database, and application servers) is to implement microsegmentation on the server VLANs. Here's why:

Enhanced Security: Microsegmentation creates granular security zones within the data center, allowing for more precise control over east-west traffic between servers. This helps prevent lateral movement by attackers who may gain access to one part of the network.

Isolation of Tiers: By segmenting the web, database, and application servers, the organization can apply specific security policies and controls to each segment, reducing the risk of cross-tier attacks.

Compliance and Best Practices: Microsegmentation aligns with best practices for network security and helps meet compliance requirements by ensuring that sensitive data and systems are properly isolated and protected.


CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl

NIST Special Publication 800-125: Guide to Security for Full Virtualization Technologies

CIS Controls: Control 12 - Boundary Defense

by Ernest at Apr 07, 2025, 04:30 AM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Karol
5 months ago
A VPN won't really harden the environment like microsegmentation can.
upvoted 0 times
...
Dorsey
5 months ago
Totally agree, microsegmentation really limits exposure!
upvoted 0 times
...
Mauricio
5 months ago
I think implementing microsegmentation is key for security.
upvoted 0 times
...
Tegan
6 months ago
Surprised that people still think firewalls are enough these days.
upvoted 0 times
...
Mattie
6 months ago
SASb solutions are cool, but I’m not sure they’re the best choice here.
upvoted 0 times
...
Chantell
6 months ago
Installing a firewall sounds good, but I wonder if making it the network core is really the best approach for a three-tier architecture.
upvoted 0 times
...
Naomi
6 months ago
I feel like configuring a SASb solution is more about user access than actually hardening the environment itself.
upvoted 0 times
...
Laurel
7 months ago
I'm not entirely sure, but I think deploying a VPN might not be the best choice for hardening the servers.
upvoted 0 times
...
Rachael
7 months ago
I remember we discussed microsegmentation in class; it seems like a strong option for isolating servers.
upvoted 0 times
...
Johnathon
7 months ago
Configuring a SASE solution could work, but I'm not sure if that's the most appropriate option for this specific scenario. I'll need to research that further.
upvoted 0 times
...
Denna
7 months ago
Deploying a VPN might be a good start, but it doesn't seem like it would fully address the need to separate the web, database, and application servers.
upvoted 0 times
...
Shawnna
7 months ago
I'm a bit confused about the difference between a VPN and microsegmentation. I'll need to review those concepts before deciding.
upvoted 0 times
...
Remedios
8 months ago
Okay, let's see. Implementing microsegmentation on the server VLANs sounds like the most comprehensive approach to hardening the environment.
upvoted 0 times
...
Shannon
8 months ago
Hmm, this seems like a tricky one. I'll need to think through the different options carefully to determine the best solution.
upvoted 0 times
...
Christoper
1 year ago
SASb? Isn't that some kind of fancy-pants solution for people who have too much money and not enough security know-how? Microsegmentation is the real deal.
upvoted 0 times
Anglea
11 months ago
I agree, microsegmentation provides a more granular level of security compared to other solutions.
upvoted 0 times
...
Nguyet
11 months ago
True, SASb may be effective, but microsegmentation offers better control and isolation.
upvoted 0 times
...
Shawn
12 months ago
But what about using SASb? It's known for providing strong security measures.
upvoted 0 times
...
Abel
12 months ago
Microsegmentation is definitely the way to go for securing the environment.
upvoted 0 times
...
...
Arlie
1 year ago
A VPN to prevent remote access? That's so 2010. Microsegmentation is where it's at these days. Keep up with the times, folks!
upvoted 0 times
Helga
12 months ago
It's much more effective than just relying on a VPN for security.
upvoted 0 times
...
Dorsey
1 year ago
I agree, it provides granular control and limits lateral movement within the network.
upvoted 0 times
...
Susana
1 year ago
Microsegmentation is definitely the way to go for securing the environment.
upvoted 0 times
...
...
Deeanna
1 year ago
I'm not sure, but I think deploying a VPN could also be a good option to prevent unauthorized access.
upvoted 0 times
...
Phuong
1 year ago
I agree with Annmarie, microsegmentation can provide granular control and enhance security.
upvoted 0 times
...
Rashida
1 year ago
Hmm, I don't know about that. Installing a firewall at the network core? That's like using a sledgehammer to crack a nut. Talk about overkill!
upvoted 0 times
Dorcas
11 months ago
User 4: Dorcas, that's another good suggestion. ACLs can provide an additional layer of security without the need for a sledgehammer approach like a firewall at the network core.
upvoted 0 times
...
Mi
12 months ago
User 3: What about using access control lists (ACLs) to restrict traffic between the servers?
upvoted 0 times
...
Pamella
1 year ago
User 2: Pamella, that's a good idea. VLANs can help isolate the servers without the need for a firewall at the network core.
upvoted 0 times
...
Isreal
1 year ago
User 1: How about implementing VLANs to separate the servers?
upvoted 0 times
...
...
Stanford
1 year ago
C) Implementing microsegmentation on the server VLANs is the way to go. That's the best solution to harden the environment and limit access to specific server resources.
upvoted 0 times
...
Annmarie
1 year ago
I think the best solution is implementing microsegmentation on the server VLANs.
upvoted 0 times
...

Save Cancel